In mutt_decode_uuencoded(), the line length is read from the untrusted uuencoded part without validation. This could result in including private memory in replys, for example fragments of other messages, passphrases…
>> CATEGORY: exploit
The code in cc::PaintImageReader::Read (cc::PaintImage*) does not properly check the incoming data when handling embedded image data, resulting in an out-of-bounds copy into the filter bitmap data.
Nginx version 1.20.0 suffers from a denial of service vulnerability.
Sashimi Evil OctoBot Tentacle is a python script that exploits a vulnerability that lies in the Tentacles upload functionality of the cryptocurrency trading bot OctoBot which is designed to be…
WordPress Visual Slide Box Builder plugin version 3.2.9 suffers from a remote SQL injection vulnerability.
WordPress Visual Slide Box Builder plugin version 3.2.9 suffers from a remote SQL injection vulnerability.
On Windows 11, the Kerberos SSP’s KerbRetrieveEncodedTicketMessage message can be used to get an arbitrary service ticket and session key from an AppContainer even without the enterprise authentication capability leading…
On Windows 11, the Kerberos SSP’s KerbRetrieveEncodedTicketMessage message can be used to get an arbitrary service ticket and session key from an AppContainer even without the enterprise authentication capability leading…
Magnolia CMS versions 6.2.19 and below suffer from a persistent cross site scripting vulnerability.
On CPUs without SELFSNOOP support, a Xen PV domain that has access to a PCI device (which grants the domain the ability to set arbitrary cache attributes on all its…